pvmfw: Support instance.img for storing DICE salt

On boot, attempt to read the DICE hidden input (salt) from persistent
storage, in order to provide persistence of secrets across reboots of
the same kernel/ramdisk images. To ensure that the salt is only re-used
with the same preloaded images signed by the same authority, store the
other DICE inputs so that they can be verified to match on the next
boot.

Implement support for parsing GUID Partition Tables (GPT) on top of
virtio-blk, to locate, read from, and write to named partitions.

Implement support for the instance.img format, defined by the AVF team,
and conceptually acting as a filesystem within the GPT partition named
"vm-instance", where each stage of the pVM boot process owns an entry
(sometimes called a partition), identified through a UUID.

As the host is in charge of providing the file backing the virtual disk,
the content of the instance.img entry will be encrypted in a following
commit.

Bug: 262344886
Test: atest MicrodroidHostTests
Change-Id: Ic43bb7780b5e106002590f9c97cd900c3ff5e3d9
diff --git a/pvmfw/Android.bp b/pvmfw/Android.bp
index 7561800..193ffa9 100644
--- a/pvmfw/Android.bp
+++ b/pvmfw/Android.bp
@@ -21,7 +21,9 @@
"libonce_cell_nostd",
"libpvmfw_avb_nostd",
"libpvmfw_embedded_key",
+ "libstatic_assertions",
"libtinyvec_nostd",
+ "libuuid_nostd",
"libvirtio_drivers",
"libvmbase",
"libzeroize_nostd",
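Review bot: The added "libstatic_assertions" entry carries no _nostd suffix, unlike "libuuid_nostd" added two lines below it and most of its neighbours in this list, so please confirm that the module builds for the no_std firmware target or switch to a _nostd variant if one exists. Both new entries keep the list's alphabetical order, which is good. Since the commit message says the host supplies the backing file and that encryption of the instance.img entry only arrives in a following commit, it would also help to state in the message what protection the stored salt has in this intermediate state, so the two commits can be reviewed and landed together with that in mind.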